|
267531
|
5.9 |
MEDIUM
Local
|
ibm
|
sterling_secure_proxy
|
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to obtain access by leveraging an unattended workstati…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6025
|
2024-11-21 11:55 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267532
|
7.5 |
HIGH
Network
|
ibm
|
sterling_secure_proxy
|
Directory traversal vulnerability in the Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to read arbitrary…
|
CWE-22
Path Traversal
|
CVE-2016-6023
|
2024-11-21 11:55 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267533
|
7.5 |
HIGH
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.11, 9.0 before 9.0.0.2, and Liberty before 16.0.0.4 allows remote authenticated users to execute arbi…
|
CWE-284
Improper Access Control
|
CVE-2016-5983
|
2024-11-21 11:55 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267534
|
5.4 |
MEDIUM
Network
|
ibm
|
business_process_manager
|
Cross-site scripting (XSS) vulnerability in a test page in IBM Business Process Manager Advanced 8.5.6.0 through 8.5.7.0 before cumulative fix 2016.09 allows remote authenticated users to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2016-5901
|
2024-11-21 11:55 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267535
|
5.4 |
MEDIUM
Network
|
ibm
|
multi-enterprise_integration_gateway
b2b_advanced_communications
|
Cross-site scripting (XSS) vulnerability in IBM 10x, as used in Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications before 1.0.0.5_2, allows remote authenticated …
|
CWE-79
Cross-site Scripting
|
CVE-2016-5892
|
2024-11-21 11:55 |
2016-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267536
|
7.5 |
HIGH
Network
|
canonical
gnome
opensuse
|
ubuntu_linux
gdk-pixbuf
leap
opensuse
|
The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-6352
|
2024-11-21 11:55 |
2016-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267537
|
7.3 |
HIGH
Local
|
ibm
|
db2
db2_connect
|
Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse libra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5995
|
2024-11-21 11:55 |
2016-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267538
|
7.5 |
HIGH
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, 8.5.x before 8.5.5.11, 9.0.x before 9.0.0.2, and Liberty before 16.0.0.3 mishandles responses, which allows remote a…
|
CWE-200
Information Exposure
|
CVE-2016-5986
|
2024-11-21 11:55 |
2016-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267539
|
9.8 |
CRITICAL
Network
|
redhat
|
jboss_operations_network
|
The server in Red Hat JBoss Operations Network (JON), when SSL authentication is not configured for JON server / agent communication, allows remote attackers to execute arbitrary code via a crafted H…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2016-6330
|
2024-11-21 11:55 |
2016-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267540
|
5.3 |
MEDIUM
Network
|
sap
|
trex
|
The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226.
|
CWE-200
Information Exposure
|
CVE-2016-6146
|
2024-11-21 11:55 |
2016-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
